User模型扩展和自定义

参考如下：

django文档参考

django signal使用总结

django 信号注册

django信号问题1

django oneTooneFiled

 

 

 

1. django 自定义用户user模型的三种方法

 

1.1 创建基于User 的proxy model，就是使用代理模型

1.2 使用abstractuser扩充fields

试验过，但是总是有报错，应该是哪里设置的问题。

复制代码 代码如下:

profiles/models.py

from django.db import models
from django.contrib.auth.models import AbstractUser
from django.utils.translation import ugettext_lazy as _

# Create your models here.
class KarmaUser(AbstractUser):
karma = models.PositiveIntegerField(_("karma"),default=0,blank=True)
settings.py

AUTH_USER_MODEL = 'profiles.KarmaUser'

　　

1.3.使用一对一关系将相关的模型一个个联系起来，扩充原来的User模型

这很像django 1.5之前的方式.很适用于创建第三方扩充包的场景,松耦合,不会破坏之前项目的结构.

需要此方法的场景:
- 在自己的django prj下,希望有多重user拥有各自很不相同的字段.或许希望有些用户组合起来一些用户的类型字段,并且希望能在模型层面上解决这些问题.
例子如下:

profiles/models.py

复制代码 代码如下:

from django.conf import settings
from django.db import models

from flavors.models import Flavor

class EaterProfile(models.Model):
# 默认用户资料
user = models.OneToOneField(settings.AUTH_USER_MODEL)
favorite_ice_cream = models.ForeignKey(Flavor,null=True,blank=True)

class ScooperProfile(models.Model):
user = models.OneToOneField(settings.AUTH_USER_MODEL)
scoops_scooped = models.IntegerField(default=0)

class InventorProfile(models.Model):
user = models.OneToOneField(settings.AUTH_USER_MODEL)
flavors_invented = models.ManyToManyField(Flavor,null=True,blank=True)

 

1.4.继承abstractbaseuser来替代原来的User模型

只有当你对usermodel里面的默认字段不满的时候才要使用,这个方法只保留了passwork,last_login,is_active三个字段。

参考官方文档:
https://docs.djangoproject.com/en/1.7/topics/auth/customizing/

 

 

个人认为在我的建站场景中,第二种最合适.正在测试是否可以用抽象类简化模型.待续...

以上3种方法各有优劣,大家根据自己的需求,自由选择吧。

 

2.  OneToOneFiled的具体实现记录

1. 需求： 为了防止暴力破解，要求玩家连续登录5次错误之后帐号锁定10分钟（10分钟后自动解除锁定）。管理员可以手动解除锁定。用户登录成功后错误次数清零。

2. 做好的登录app目录如下：

 

 

3. 设计数据库 loginapp/models.py如下:

#-*- encoding:utf-8 -*-

from django.contrib.auth.models import AbstractUser
from django.contrib.auth.models import User
from django.db import models
import datetime
import django.utils.timezone as timezone

class Userotherstatus(models.Model):
    user=models.OneToOneField(User,on_delete=models.CASCADE)
    is_freezed=models.BooleanField(default=False,help_text=u"帐号是否被冻结")
    freezed_time=models.DateTimeField(null=True,blank=True,help_text=u"帐号冻结的时间点")
    pass_errnum=models.IntegerField(default=0,help_text=u"密码已经错误次数")

注意：通过 python manage.py migrate将models应用导数据库后，创建用户过后，User模型一对一的Userotherstatus模型对应的数据库表里面没有数据。

解决办法使用 django signal。当我们创建和更新用户实例时，Userotherstatus模块也会被自动创建和更新。

4. signal 实现如下：

参考: https://blog.csdn.net/qq_32506555/article/details/53219036

参考: https://yiyibooks.cn/xx/Django_1.11.6/topics/signals.html

loginapp/signals.py

#-*- encoding: utf-8 -*-

from django.db.models.signals import post_save
from django.contrib.auth.models import User
from .models import Userotherstatus
from django.dispatch import receiver

@receiver(post_save, sender=User)
def creat_user_otherstatus(sender,instance,created,**kwargs):
    print "use signal creat"
    if created:
        Userotherstatus.objects.create(user=instance)


@receiver(post_save, sender=User)
def save_user_otherstatus(sender, instance, **kwargs):
    print (" use signal save")
    instance.userotherstatus.save()


#

signal 信号注册：

loginapp/apps.py

# -*- coding: utf-8 -*-
from __future__ import unicode_literals

from django.apps import AppConfig


class LoginappConfig(AppConfig):
    name = 'loginapp'

    def ready(self):
        import loginapp.signals

 

loginapp/__init__.py

default_app_config = 'loginapp.apps.LoginappConfig'

 

5. 后台views的实现  loginapp/views.py:

 

思路： 

帐号是否锁定》锁定》判断是否过了锁定时间》是》解锁并且错误次数设置为0

　　　　　　　　　　　　　　　　　　　　　否》提示处于锁定状态

　　　　　　》没锁定 》判断错误次数

　　　　　　　　　　》都不满足进行登录验证

 

# -*- coding: utf-8 -*-
from __future__ import unicode_literals
from django.shortcuts import render
from django.http import HttpResponse, HttpResponseRedirect
from django.contrib.auth import authenticate,login,logout
from django.contrib.auth.models import User
# from django.contrib.auth.models import BaseUserManager
# from django.contrib.auth.hashers import make_password, check_password
# from django.views.generic.base import View
import datetime
from LoginForm import MyLoginForm
from loginapp.models import Userotherstatus
from django.views.decorators.csrf import csrf_protect,requires_csrf_token
# Create your views here.

@requires_csrf_token
@csrf_protect
def MyLogin(request):
    lock_time=60
    pass_error_limit=5
    form = MyLoginForm()

    if request.method=="POST":
        print request.path
        #验证表单
        form = MyLoginForm(request.POST)
        if form.is_valid():
            username=request.POST["username"]
            password=request.POST["password"]

        #验证用户
        try:
            user_id=User.objects.get(username=username).id
            print 1111111111111111111111
        except Exception:
            return render(request,'loginapp/login.html',{'form':form,'msg':"用户不存在"})
        freezed_time=Userotherstatus.objects.get(user_id=user_id).freezed_time
        pass_errornum=Userotherstatus.objects.get(user_id=user_id).pass_errnum
        is_freezed=Userotherstatus.objects.get(user_id=user_id).is_freezed

        print(freezed_time,pass_errornum,is_freezed)

        if is_freezed==True and freezed_time:
            print 2222222222222222222222
            print ((datetime.datetime.now() - (freezed_time.replace(tzinfo=None))).total_seconds())

            if (datetime.datetime.now()-(freezed_time.replace(tzinfo=None))).total_seconds()>lock_time:
                print("重置")
                Userotherstatus.objects.filter(user_id=user_id).update(is_freezed=False,pass_errnum=0)
                # Userotherstatus.objects.filter(user_id=user_id).update()
                user=authenticate(username=username,password=password)
                if user is not None and user.is_active:
                    login(request,user)
                    User.last_login=datetime.datetime.now()

                    return HttpResponse("登录成功")

            else :
                return render(request,'loginapp/login.html',
                              {'form':form,'msg':'帐号锁定中,请稍后再尝试,需要解锁请联系管理员!'})

        if pass_errornum>=5:
            print 33333333333333333

            Userotherstatus.objects.filter(user_id=user_id).update(is_freezed=True,pass_errnum=0)
            Userotherstatus.objects.filter(user_id=user_id).update(freezed_time=datetime.datetime.now())

            return render(request,'loginapp/login.html',
                          {'form':form,'msg':"密码连续错误5次，帐号已经被锁定"})

        else:
            user=authenticate(username=username,password=password)
            if user is not None and user.is_active:
                login(request, user)
                User.last_login = datetime.datetime.now()
                Userotherstatus.objects.filter(user_id=user_id).update(is_freezed=False,pass_errnum=0)
                # Userotherstatus.objects.filter(user_id=user_id).update()
                return HttpResponse("登录成功")
            else:
                print 4444444444444444444444
                Userotherstatus.objects.filter(user_id=user_id).update(pass_errnum=(int(pass_errornum)+1))

                return render(request, 'loginapp/login.html',
                              {'form': form})

    else:
        return  render(request,'loginapp/login.html',
                       {'form':form})

 

6. 附上 表单 loginapp/LoginForm.py

#-*- encoding: utf-8 -*-

from django import forms

class MyLoginForm(forms.Form):

    username=forms.CharField(label="inputUser",
                             max_length=20,
                             error_messages={'required':"请输入用户名"},
                             widget=forms.TextInput(
                                 attrs={
                                 'placeholder':"User Name",
                                 'required':'True',
                                 'class':'form-control'
                                })
                             )
    password=forms.CharField(label="inputPassword",
                             max_length=100,
                             error_messages={'required':"请输入密码"},
                             widget=forms.PasswordInput(
                                 attrs={
                                     'placeholder': "Password",
                                     'required':"True",
                                      'class':'form-control',
                                 })
                             )

 

7. 附上  login.html 

<!DOCTYPE html>
<html lang="zh-CN">
  <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <!-- 上述3个meta标签*必须*放在最前面，任何其他内容都*必须*跟随其后！ -->
    <meta name="description" content="">
    <meta name="author" content="">
    <link rel="icon" href="../static/favicon.ico">

    <title>Signin Page</title>

    <!-- Bootstrap core CSS -->
    <link href="https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">

    <!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->
    <link href="../static/css/ie10-viewport-bug-workaround.css" rel="stylesheet">

    <!-- Custom styles for this template -->
    <link href="../static/css/signin.css" rel="stylesheet">

    <!-- Just for debugging purposes. Don't actually copy these 2 lines! -->
    <!--[if lt IE 9]><script src="../static/js/ie8-responsive-file-warning.js"></script><![endif]-->
    <script src="../static/js/ie-emulation-modes-warning.js"></script>

    <!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->
    <!--[if lt IE 9]>
      <script src="https://cdn.bootcss.com/html5shiv/3.7.3/html5shiv.min.js"></script>
      <script src="https://cdn.bootcss.com/respond.js/1.4.2/respond.min.js"></script>
    <![endif]-->
  </head>

  <body>

    <div class="container">

      <form class="form-signin" action="" method="post">
        {% csrf_token %}
        <h2 class="form-signin-heading">Please sign in</h2>
        {{form.username.errors}}
        {{form.username.lable_tag}}
        {{form.username}}

        {{form.password.errors}}
        {{form.password.lable_tag}}
        {{form.password}}
        <div class="checkbox">
          <label>
            <input type="checkbox" value="remember-me"> Remember me
          </label>
        </div>
        <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
        {{msg}}
      </form>

    </div> <!-- /container -->

    <!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->
    <script src="../static/js/ie10-viewport-bug-workaround.js"></script>
  </body>
</html>




<!--<form class="form-signin" action="" method="post">-->
        <!--<h2 class="form-signin-heading">Please sign in</h2>-->
        <!--<label for="inputUser" class="sr-only">User</label>-->
        <!--<input type="text" id="inputUser" class="form-control" placeholder="User Name" required autofocus>-->
        <!--<label for="inputPassword" class="sr-only">Password</label>-->
        <!--<input type="password" id="inputPassword" class="form-control" placeholder="Password" required>-->
        <!--<div class="checkbox">-->
          <!--<label>-->
            <!--<input type="checkbox" value="remember-me"> Remember me-->
          <!--</label>-->
        <!--</div>-->
        <!--<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>-->
      <!--</form>-->